Michael Jones, CCIE, PMP, CISSP, CEH
Sr. Cyber Security Engineer – Active TS/SCI Security Clearance
Alexandria, VA
Open to Relocation Nationwide, 100% Travel Acceptable
mjones@cyberresearchgroup.com
• Over 20 years' experience in the IT industry and over 15 years' experience in cyber security.
• Certified Penetration Tester and IBM AIX System Administrator and Network Engineer, school trained in Tivoli Netview as well as other Tivoli server management tools.
• In-depth experience with DISA DIACAP, NIST RMF, FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers. Uploaded artifacts to eMASS.
• Have been responsible for ethical hacking and penetration testing.
• Experience in performing Vulnerability Testing and used Tenable Nessus Server and Client, sniffers including: Wireshark, Netscout Enterprise Sniffer and Observer 6.x.
• Have a very extensive and diverse background with LINUX and many "flavors" of UNIX, including AIX, IRIX and BSD.
• Knowledge of installing and configuring Cisco routers, switches, firewalls and VPNs.
• Responsible for analyzing possible security threats to overseas sites located in 140 US Consulates in 136 countries with Cisco Mitigation Attack Response Solution (MARS).
• Experience with overseas network security and working with any new threats/risks.
• Extensive experience with On-call 24/7 for overseas and local sites.
• Member of SANS.org, ISC2, and other security related groups.
• Experience conducting drills for site disaster recoveries and leading and decision making during day-to-day operations and disaster recovery situations.
• Experience with many firewalls: Juniper, Cisco, F5, Bluecoat, Fortigate, McAfee Sidewinder/NGFW, Palo Alto, Check Point, Websense.
WORK EXPERIENCE
Sr. Cyber Security Engineer/Consultant
Cyber Research Group – Alexandria, VA - November 2012 to Present
• Responsible for maintaining Cisco PIX/ASA, Cisco Nexus Switches as well as other Cisco products.
• Updated and added rules daily while my work was verified via peer reviews.
• Validated other engineers' work via the peer review system.
• Assisted in the design and modification of new and updated VLANs.
• Responsible for using network sniffers, such as Wireshark, when problems arose on the network.
• Documented changes made to firewalls both in the configuration file and in network documentation.
• Responsible for the installation and maintenance of Checkpoint Firewalls.
• In charge of setting and maintaining change management and emergency change management policies.
• Responsible for maintaining and reporting on Security Threats to CIO.
• Keep up with the latest security related techniques and advise on updates to the infrastructure.
• Manage the support of all network and security equipment needed to conduct daily operations.
• Manage any and all critical situations that involve perimeter penetrations.
• Responsible for scheduling any needed / requested training.
• Check firewall logs daily and VPN logs daily and report on any anomalies.
• Responsible for updating and writing new access lists and rule sets.
• Responsible for maintaining and controlling Cisco ASA 5500 series as well as HP Openview.
• Personally responsible for "no access rules" to malicious URLs on both Blue Coat and Checkpoint Firewalls.
• Created new rules for both IPS and IDS devices. (IPS/IDS was the IBM Proventia)
• Responsible for working and managing suspected malware tickets and calls.
• Collect, analyze, correct and remove any suspected malware, spyware, Trojans and/or viruses and worms.
• Wrote incident reports to Symantec and US CERT when hostile files and code were found.
• Created and updated firewall and IPS, IDS signatures and rules as needed to secure the network.
• Skilled in the use of Remedy for ticketing process and procedures.
• Used FireEye to aid in attack and attack vector investigations.
◦ This enabled us to do TCP traces on the packets that were captured by the tool.
◦ Located hostile malware. In the course of the investigation we were able to locate, copy and neutralize the malware.
◦ Riverbed was also used to acquire information between an internal system and a possible malware system.
◦ Reports were generated and packets were copied to go through with Wireshark or other packet analyzers to view all communications between the hostile system and the government system.
• Used Ethical Hacking, PEN testing, Forensic and management tools such as FireEye, IBM Proventia ISS (IPS/IDS), Imperva (Layer 4 Firewall), BlueCoat Proxy Servers, Barracuda Packet Collectors and Application Rebuilder, Riverbed Profiler as well as BackTrack LINUX (Forensics), Metasploit and other tools as specified by US CERT, FCC, NIST and FISMA standards.
• Worked with Cisco PIX 500 series, Cisco FWSM, ASA 5500 and CheckPoint Firewalls R61 - R75.
Sr. Security Analyst / Network Engineer
FDA - Bethesda, MD - January 2011 to October 2012
• Responsible for the installation, configuration and maintenance of all servers and workstations in the division. This included security scanning and hardening of all workstations and servers.
• Created Shell Scripts in multiple scripting languages.
◦ Used them in OS Crontab as well as web server CGI-Bin.
• Created and updated process and procedure documentation dealing with security or forensic study of malware.
• Perform on-call duties every other month or as needed according to team schedule.
• Update Ethical Hacking and PEN testing tools such as CANVAS, Metasploit and other tools as specified by the client and their standards.
• Install and configure Cisco ASA / PIX and Checkpoint firewalls as needed by the customer. Also in charge of maintaining proper IOS code level and keeping the configurations to a manageable size.
Sr. Security Analyst / Network Engineer
Unisys - Washington, DC - March 2010 to January 2011
• Responsible for the installation, configuration and maintenance of all network security devices. This included Cisco PIX 525 / 535, ASA 5500.
• Responsible for using and creating shell scripts.
• Created new jobs and processes with korn shell (as an example) in order to be placed in to cron jobs on
given LINUX servers.
• Created and updated processes and procedural documentation for Security Team.
• Updated patches, changed and coded as needed.
• Performed on-call duties every other month or as needed according to team schedule.
• Updated Ethical Hacking and PEN testing tools such as CANVAS, Metasploit and other tools as specified by Unisys standards.
Sr. Security Analyst / Network Engineer
Architect Of The Capitol - Washington, DC - May 2008 to March 2010
• Responsible for the installation, configuration and maintenance of all network security devices, including: Checkpoint w/ R70 - R62, Cisco PIX 525 / 535, ASA 5500, done weekly.
• Responsible for using and creating shell scripts.
• Created new jobs and processes with korn shell (as an example) in order to place cron jobs on LINUX servers.
• Worked with NIST and FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers.
• Worked with DCID 6/x.
• Used DISA Gold Disk, along with checklist and scripts.
• Used WebRoot to check organization desktops and servers for spyware and other malware in order to generate monthly reports.
• Used Symantec Client Security (3.0) enterprise wide, Antivirus (10.0) and Client Firewall.
• Used Symantec SIM for information and risk compliance.
• Responsible for writing new policy and procedures and updating old ones as well as all Security
Information Management.
• Responsible for reviewing proposed changes to the A.O.C. Network with Visio diagrams or PDF files.
• Marked recommendations that went along with proposed changes to the A.O.C. Network.
• Monitored all emergency changes to the network from the security side, made recommendations and enforced policy during said changes.
• Responsible for ethical hacking and penetration testing. Primarily used Metasploit and Canvas.
• Performed Vulnerability Testing and used Nessus Server and Client, sniffers including: Wireshark, Netscout Enterprise Sniffer.
• Installed and maintained testing tools in order to perform packet captures and logging of captures.
Sr. Network / Firewall Engineer
IBM - Manassas, VA - September 2007 to March 2008
• Responsible for the installation, configuration and maintenance of all network security devices including: Cisco PIX 525 / 535, ASA 5500, Cisco IOS 12.4.x, CATOS […] PIXOS 6.x-7.x, and Nokia IP380s, Firewall Service Module (FWSM) and running CheckPoint Firewall IPSO 3.8+.
• Worked extensively with the VPN Concentrator, Juniper Networks - Netscreen VPN products and device clustering.
• Worked with Nortel Contivity, Cisco Works, HP OpenView and Eye of the Storm.
• Responsible for the upkeep and maintenance of approximately 20 LINUX servers, all of which required shell scripting for new jobs and processes, such as processing log files.
• Worked with Perl and JavaScript in order to create new scripts or reverse engineer current scripts.
• Was responsible for setting up a point-to-point VPN connection between PIX 501 and Linksys 54G. Later in the project we used the "easy vpn config" to switch out the Pix 501 with an ASA 5509.
• Worked with NIST and FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers.
• Responsible for the creation of infrastructure documentation such as Visio diagrams, policies and procedures, governing changes to configurations or the addition of new rules.
• Updated procedures and conducted drills for site disaster recoveries.
• Installed and maintained ArcSight SIM as well as using it daily for analyzing the different networks.
• Installed, configured and maintained Cisco Load Balancers. Also responsible for weekend and after hours callouts for troubleshooting.
• Installed and maintained nCircle and used it daily for vulnerability scanning.
• Used Wireshark and Metasploit Framework tools for scanning and capturing data.
• Administered network management software, SolarWinds, CiscoWorks, Tivoli NetView, and HP OpenView.
• Created rule-sets in Cisco MARS used to interrogate security logs generated by MARS.
• Monitored firewall logs daily for any changes and suspicious activity.
• Maintained virus, worm and other malicious threat awareness through subscriptions with SANS.org, CheckPoint, Symantec, Cisco and Microsoft Security Website, and Metasploit.
• Highly skilled in the use and implementation of Checkpoint Dashboard products including Checkpoint NGX R65 and below.
• Extensive use of packet capture software such as Wireshark and Observer.
• Maintained rule sets, policies and code levels on Bluecoat Proxy server and Websense Security Suite.
• Extensive experience with numerous network monitoring, scanning and reporting solutions and Security Information Management (SIM).
• Used LINUX (RedHat, Slackware) daily.
• Installed and configured Cisco routers using IOS 12.4(2)T, using OSPF, EIGRP, static routing; also have extensive experience in the use of ACLs in routers, firewalls and switches.
• Was responsible for being on 24/7 on-call in the US Army.
Network Engineer / Sr. Security
Independent Contractor - Federal - Washington, DC - April 2007 to September 2007
Responsible for analyzing possible security threats to overseas sites located in 140 US Consulates in 136 countries. Accomplished by using Cisco MARS (Mitigation, Attack, Response, Solution). It was installed and configured by myself. This solution was able to pull logs from multiple vendor firewalls and systems, then correlated the obtained information into incidents, events, reporting, attack diagrams and threat matrices.
• Was responsible for configuring and maintaining the Cisco VPN 3000 Concentrator, Cisco Pix 501 to 535 models and making the 501 talk to a Linksys 54G Wireless Router while in firewall mode for an offsite network.
• Worked with NIST and FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers.
• Setup monitoring of Cisco routers and switch logs using Cisco Works.
• Used Performance Monitoring with SolarWinds Orion and Cisco Works Intranet Performance Monitor.
• Responsible for writing scripts to be used by Cisco Works to automate processes, such as changing Secret / VTY and user passwords monthly.
• Used Symantec Client Security (3.0) enterprise wide, included was Antivirus (10.0) and Client Firewall.
• Used Symantec SIM for information and risk compliance.
• On-call 24/7 for emergency response at the DC site as well as making myself available to our overseas sites.
• Was also responsible for configuring bandwidth trending,alerting for critical system processes and devices
listed as down.
◦ The system was configured to send pages / text messages to cell phones as well as emails.
◦ Used extensively to scan, track, prevent and report attempted cyber-attacks against USDA Foreign Assets. Further assessment of intelligence that originated in the Middle East, North Africa, parts of Israel, along with other regions and countries that were known to be sympathetic / friendly to those areas yielded more information on point of origin for suspected attacks. This also provided more intelligence on suspected internet crime organizations in various regions of the world. Information gathered on suspected terror groups was passed on to the intelligence organizations while suspected international Internet criminal groups were passed on to INTERPOL. Also skilled in IBM (SIM) and Symantec (SIM).
• Participation in real world operations in that region contributed greatly to expert knowledge of the area's people, cultures, customs, technological demographics, conventional terrorism as well as cybercrime and terror organizations, which was instrumental in creating network and utilities risk assessments and analysis.
• Had access to all Cisco routers, switches and VPN concentrators of all sites both local and worldwide. Also skilled in troubleshooting all above listed Cisco devices. Was responsible for upgrading Cisco Secure ACS and TACACS to TACACS+.
• Tasked with maintaining user VPN accounts and network engineering / admin accounts on TACACS+ so all equipment could be accessed by the use of a single user id, password and enable / secret passwords.
• Skilled in installing, configuring, maintaining and troubleshooting Juniper devices, such as NetScreen.
• Extensive use of OSPF and EIGRP as primary routing protocols while working for the USDA.
• Worked closely with US State Department and Foreign Agriculture Service upper management to provide reports in reference to overseas network security and any new possible threats / risks.
• Studied extensively diverse topics and technologies regarded by experts as information warfare, which consisted of malicious code, including Java Applets, JavaScript, macros and other scripting and markup languages. Also conducted planned DoS attacks, IP and MAC address spoofing as well as Ethical Hacking and Cracking (A.K.A. Pen Testing).
• Proved valuable performing risk assessments of new equipment and potentially volatile situations caused by erroneous configurations or breaches of security.
• Worked with NIST, NIACAP, DIACAP and FISMA procedures and protocols.
• Extensive experience configuring PKI and AES encryption in Cisco Routers and PIX Firewall and ASA 5500 series Cisco Firewalls.
Sr. Network and Security Engineer / Team Leader / Project Manager
IBM Global Services - Ashburn, VA - December 1999 to April 2007
• Responsible for boarding external and internal IBM customers in the Ashburn Virginia Collocation facility.
• Responsible for annual budget, employee reviews and SAS70 security inspections.
• Worked on a regular basis at a CCNA and CCNP level. At the time I did actually have a CCDA.
• Responsible for the management of 30 employees and contractors, career counseling and annual reviews. Also responsible for hiring and termination of employees as necessary.
• Daily use of Tivoli Management products such as Netview and Storage Manager. I am also familiar with almost all IBM products, including HMC AIX systems management tools, Tivoli setup, maintenance and upgrades.
• Designed, implemented and managed custom Tivoli Netview and Cisco Works 2000 and Cisco Works LSM 2.6 Solutions for customers in Collocation and Fully Managed Environments.
• Also skilled in the use of MRTG on infrastructure devices for measuring bandwidth.
• Skilled in using the reporting element of MRTG.
• Extremely familiar with NIST, both practical application for networking equipment, desktop configuration, Windows and UNIX servers. Referenced NIST SP 800-50 and SP 800-40 series primarily for safeguarding MS Windows OS, UNIX / LINUX OS and network printers.
• Use physical security protocols and procedures to include social engineering, shoulder surfing, physical lock picking and other measures such as dumpster diving to test physical security as well as security software, packet monitoring software and products such as Solar Winds Orion and downloadable tools such as TCPDUMP, ETHERAPE, ETHEREAL as well as password crackers and keystroke recorders to test logical / virtual security. Also taught techniques to senior staff members that were actively involved in ongoing security protocols and procedures.
• Thinking out of the box, much like a professional corporate spy, when it comes to security.
• Worked with TCP/IP every day. Due to clients and the way they were managed I usually dealt with the first three layers of the TCP/IP Stack, but have worked extensively with all seven layers at one time or another.
• Installed and configured Cisco 6509 Core switches, Cisco 6504, Cisco 4008 Switches as well as Cisco
1700 series through Cisco 12008 GSR Routers.
• Maintained redundant OC-3 connections to the Collocation site. Used OSPF, EIGRP, RIP, RIP II and IGRP during router configurations. Also skilled in troubleshooting these protocols using SNMP and its MIB Database.
• Installed and configured Big-IP F5's. Was also responsible for troubleshooting during weekend and after hours callouts.
• Skilled in SONET, POS, Frame Relay, T-1, Fractional T-1, ISDN PRI and BRI, I also work well with service
providers such as Sprint and Verizon to complete circuits and projects.
• Was responsible for installing and configuring Cisco and Juniper VPN solutions, servers and clients.
• Highly skilled in troubleshooting both Microsoft workstations and servers. Former MCSE (WinNT 4.0), so I'm very skilled in Microsoft Operating Systems (all of them).
• Work extraordinarily well with teams, as a team member or as a team lead. I always know my place and where I stand within a team and never overstep my bounds without prior permission from either the team lead or management.
• Also skilled with solutions and reporting tools such as Cisco MARS.
• Responsible for troubleshooting customer network equipment such as Nokia IP 330 and 660 Firewalls running Checkpoint firewall, Cisco PIX Firewalls as well as Cisco and Nortel Routers and switches. Checked firewall logs daily for any new issues and ran them against Cisco MARS (Mitigation Attack Response Solution).
• Wrote process and procedures for Collocation and fully managed network environments.
• Was responsible for leading and decision making during day to day operations as well as disaster recovery situations.
• Designed and built Security and Network Operations Center at the data centers as well as wrote all
Standard Operating Procedures for both NOC and SOC. Also worked shifts when we were short of
employees due to illness and vacations.
US Army Warrant Officer (255N Network Management Technician)
Fort Gordon, GA - May 1990 to January 1996
Network Engineer for the U.S. Army Signal School.
EDUCATION
Master of Science, Computer Science (3.73 GPA)
Virginia Tech, College of Engineering – 1997 - 1999
Blacksburg, VA
CERTIFICATIONS
CCIE Security
CCIE Routing and Switching
CISSP, CEH, PMP, Security+ CE
SKILLS
Network Security (10+ years), Network Management (10+ years), Network Engineering (10+ years), Firewalls (10+ years), Routers (10+ years), Switches (10+ years), Penetration Testing (10+ years), Vulnerability Assessments (10+ years).

Michael Jones-Resume-OCT2015

  • 1. MichaelJones,CCIE,PMP,CISSP,CEH Sr. Cyber Security Engineer – Active TS/SCI Security Clearance Alexandria, VA Open to Relocation Nationwide,100% Travel Acceptable mjones@cyberresearchgroup.com • Over 20 years experience in the IT industry and over 15 years experience in cyber security. • Certified Penetration Tester and IBM AIX System Administrator and Network Engineer,school trained in Tivoli Netview as well as other Tivoli server management tools. • In Depth experience with DISA DIACAP, NIST RMF, FISMA standards,both practical application for networking equipment,desktop configuration,Windows and UNIX servers.Uploaded artifacts to eMASS. • Have been responsible for ethical hacking and penetration testing. • Experience in performing VulnerabilityTesting and used Tenable Nessus Server and Client,sniffers including:Wireshark,NetscoutEnterprise Sniffer and Observer 6.x. • Have a very extensive and diverse background with LINUX and many"flavors" of UNIX to include, AIX, IRIX and BSD. • Knowledge of installing and configuring Cisco routers, switches, firewalls and VPNs. • Responsible for analyzing possible securitythreats to overseas sites located in 140 US Consulates in 136 countries with Cisco Mitigation Attack Response Solution (MARS). • Experience with overseas network security and any new working with threats/risks. • Extensive experience with On-call 24/7 for overseas and local sites. • Member of SANS.org, ISC2, and other security related groups. • Experience with conducted drills for site disaster recoveries and leading and decision making during day- to- day operations disaster recovery situations. • Experience with many firewalls;Juniper,Cisco,F5,Bluecoat, Fortigate, McAfee Sidewinder/NGFW, Palo Alto, Check Point, Websense, WORK EXPERIENCE Sr. Cyber Security Engineer/Consultant Cyber Research Group – Alexandria, VA - November 2012 to Present • Responsible for maintaining Cisco PIX/ASA, Cisco Nexus Switches as well as other Cisco products. 
• Updated and added rules daily while my work was verified via peer reviews.
• Validated other engineers' work via the peer review system.
• Assisted in the design and modification of new and updated VLANs.
• Responsible for using network sniffers, such as Wireshark, when problems arose on the network.
• Documented changes made to firewalls both in the configuration file and in network documentation.
• Responsible for the installation and maintenance of Check Point firewalls.
• In charge of setting and maintaining change management and emergency change management policies.
• Responsible for maintaining and reporting on security threats to the CIO.
• Keep up with the latest security related techniques and advise on updates to the infrastructure.
• Manage the support of all network and security equipment needed to conduct daily operations.
• Manage any and all critical situations that involve perimeter penetrations.
• Responsible for scheduling any needed / requested training.
• Check firewall logs and VPN logs daily and report on any anomalies.
• Responsible for updating and writing new access lists and rule sets.
• Responsible for maintaining and controlling Cisco ASA 5500 series as well as HP OpenView.
• Personally responsible for "no access rules" to malicious URLs on both Blue Coat and Check Point firewalls.
• Created new rules for both IPS and IDS devices (the IPS/IDS was the IBM Proventia).
• Responsible for working and managing suspected malware tickets and calls.
• Collect, analyze, correct and remove any suspected malware, spyware, Trojans and / or viruses and worms.
• Wrote incident reports to Symantec and US-CERT when hostile files and code were found.
• Create and update firewall and IPS / IDS signatures and rules as needed to secure the network.
• Skilled in the use of Remedy for ticketing process and procedures.
• Used FireEye to aid in attack and attack vector investigations.
  ◦ This enabled us to do TCP traces on the packets that were captured by the tool.
  ◦ Located hostile malware. In the course of the investigation we were able to locate, copy and neutralize the malware.
  ◦ Riverbed was also used to acquire information between an internal system and a possible malware system.
  ◦ Reports were generated and packets were copied to go through with Wireshark or other packet analyzers to view all communications between the hostile system and the government system.
• Used ethical hacking, pen testing, forensic and management tools such as FireEye, IBM Proventia ISS (IPS/IDS), Imperva (Layer 4 Firewall), Blue Coat proxy servers, Barracuda packet collectors and application rebuilder, Riverbed Profiler, as well as BackTrack Linux (forensics), Metasploit and other tools as specified by US-CERT, FCC, NIST and FISMA standards.
• Worked with Cisco PIX 500 series, Cisco FWSM, ASA 5500 and Check Point firewalls R61 - R75.

Sr. Security Analyst / Network Engineer
FDA - Bethesda, MD - January 2011 to October 2012
• Responsible for the installation, configuration and maintenance of all servers and workstations in the division. This included security scanning and hardening of all workstations and servers.
• Created shell scripts in multiple scripting languages.
  ◦ Used them in the OS crontab as well as the web server cgi-bin.
• Created and updated process and procedure documentation dealing with security or forensic study of malware.
• Perform on-call duties every other month or as needed according to team schedule.
• Update ethical hacking and pen testing tools such as CANVAS, Metasploit and other tools as specified by the client and their standards.
• Install and configure Cisco ASA / PIX and Check Point firewalls as needed by the customer. Also in charge of maintaining the proper IOS code level and keeping the configurations to a manageable size.

Sr. Security Analyst / Network Engineer
Unisys - Washington, DC - March 2010 to January 2011
• Responsible for the installation, configuration and maintenance of all network security devices. This included Cisco PIX 525 / 535 and ASA 5500.
• Responsible for using and creating shell scripts.
• Created new jobs and processes with Korn shell (as an example) in order to be placed into cron jobs on given Linux servers.
• Created and updated processes and procedural documentation for the Security Team.
• Updated patches, changed and coded as needed.
• Performed on-call duties every other month or as needed according to team schedule.
• Updated ethical hacking and pen testing tools such as CANVAS, Metasploit and other tools as specified by Unisys standards.

Sr. Security Analyst / Network Engineer
Architect Of The Capitol - Washington, DC - May 2008 to March 2010
• Responsible for the installation, configuration and maintenance of all network security devices, including: Check Point w/ R70 - R62, Cisco PIX 525 / 535, ASA 5500; done weekly.
• Responsible for using and creating shell scripts.
• Created new jobs and processes with Korn shell (as an example) in order to place cron jobs on Linux servers.
• Worked with NIST and FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers.
• Worked with DCID 6/x.
• Used DISA Gold Disk, along with checklists and scripts.
• Used Webroot to check organization desktops and servers for spyware and other malware in order to generate monthly reports.
• Used Symantec Client Security (3.0) enterprise wide, with Antivirus (10.0) and Client Firewall.
• Used Symantec SIM for information and risk compliance.
• Responsible for writing new policies and procedures and updating old ones, as well as all Security Information Management.
• Responsible for reviewing proposed changes to the A.O.C. network with Visio diagrams or PDF files.
• Marked recommendations that went along with proposed changes to the A.O.C. network.
• Monitored all emergency changes to the network from the security side, made recommendations and enforced policy during said changes.
• Responsible for ethical hacking and penetration testing. Primarily used Metasploit and CANVAS.
• Performed vulnerability testing and used Nessus Server and Client, sniffers including: Wireshark, Netscout Enterprise Sniffer.
• Installed and maintained testing tools in order to perform packet captures and logging of captures.

Sr. Network / Firewall Engineer
IBM - Manassas, VA - September 2007 to March 2008
• Responsible for the installation, configuration and maintenance of all network security devices including: Cisco PIX 525 / 535, ASA 5500, Cisco IOS 12.4.x, CatOS […] PIX OS 6.x-7.x, Nokia IP380s, Firewall Services Module (FWSM) and running Check Point Firewall on IPSO 3.8+.
• Worked extensively with the VPN Concentrator, Juniper Networks - NetScreen VPN products and device clustering.
• Worked with Nortel Contivity, CiscoWorks, HP OpenView and Eye of the Storm.
• Responsible for the upkeep and maintenance of approximately 20 Linux servers, all of which required shell scripting for new jobs and processes, such as processing log files.
• Worked with Perl and JavaScript in order to create new scripts or reverse engineer current scripts.
• Was responsible for setting up a point-to-point VPN connection between a PIX 501 and a Linksys 54G. Later in the project we used the "easy vpn config" to switch out the PIX 501 with an ASA 5509.
• Worked with NIST and FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers.
• Responsible for the creation of infrastructure documentation such as Visio diagrams, policies and procedures governing changes to configurations or the addition of new rules.
• Updated procedures and conducted drills for site disaster recoveries.
• Installed and maintained ArcSight SIM, as well as using it daily for analyzing the different networks.
• Installed, configured and maintained Cisco load balancers. Also responsible for weekend and after-hours callouts for troubleshooting.
• Installed and maintained nCircle and used it daily for vulnerability scanning.
• Used Wireshark and Metasploit Framework tools for scanning and capturing data.
• Administered network management software: SolarWinds, CiscoWorks, Tivoli NetView and HP OpenView.
• Created rule sets in Cisco MARS used to interrogate security logs generated by MARS.
• Monitored firewall logs daily for any changes and suspicious activity.
• Maintained virus, worm and other malicious threat awareness through subscriptions with SANS.org, Check Point, Symantec, Cisco and the Microsoft Security website, and Metasploit.
• Highly skilled in the use and implementation of Check Point Dashboard products including Check Point NGX R65 and below.
• Extensive use of packet capture software such as Wireshark and Observer.
• Maintained rule sets, policies and code levels on Blue Coat proxy server and Websense Security Suite.
• Extensive experience with numerous network monitoring, scanning and reporting solutions and Security Information Management (SIM).
• Used Linux (Red Hat, Slackware) daily.
• Installed and configured Cisco routers using IOS 12.4(2)T, using OSPF, EIGRP and static routing; also have extensive experience in the use of ACLs in routers, firewalls and switches.
• Was responsible for being on 24/7 on-call in the US Army.

Network Engineer / Sr. Security Independent Contractor - Federal - Washington, DC - April 2007 to September 2007
Responsible for analyzing possible security threats to overseas sites located in 140 US Consulates in 136 countries. Accomplished by using Cisco MARS (Mitigation, Attack, Response, Solution). It was installed and configured by myself. This solution was able to pull logs from multiple vendor firewalls and systems, then correlated the obtained information into incidents, events, reporting, attack diagrams and threat matrices.
• Was responsible for configuring and maintaining the Cisco VPN 3000 Concentrator and Cisco PIX 501 to 535 models, and making the 501 talk to a Linksys 54G wireless router while in firewall mode for an offsite network.
• Worked with NIST and FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers.
• Set up monitoring of Cisco router and switch logs using CiscoWorks.
• Used performance monitoring with SolarWinds Orion and CiscoWorks Intranet Performance Monitor.
• Responsible for writing scripts to be used by CiscoWorks to automate processes, such as changing secret / VTY and user passwords monthly.
• Used Symantec Client Security (3.0) enterprise wide, which included Antivirus (10.0) and Client Firewall.
• Used Symantec SIM for information and risk compliance.
• On-call 24/7 for emergency response at the DC site, as well as making myself available to our overseas sites.
• Was also responsible for configuring bandwidth trending, alerting for critical system processes and devices listed as down.
  ◦ The system was configured to send pages / text messages to cell phones as well as emails.
  ◦ Used extensively to scan, track, prevent and report attempted cyber-attacks against USDA foreign assets. Further assessment of intelligence that originated in the Middle East, North Africa, parts of Israel, along with other regions and countries that were known to be sympathetic / friendly to those areas, yielded more information on point of origin for suspected attacks. This also provided more intelligence on suspected internet crime organizations in various regions of the world. Information gathered on suspected terror groups was passed on to the intelligence organizations, while suspected international Internet criminal groups were passed on to INTERPOL. Also skilled in IBM (SIM) and Symantec (SIM).
• Participation in real-world operations in that region contributed greatly to expert knowledge of the area's people, cultures, customs, technological demographics and conventional terrorism, as well as cybercrime and terror organizations, and was instrumental in creating network and utilities risk assessments and analysis.
• Had access to all Cisco routers, switches and VPN concentrators of all sites, both local and worldwide. Also skilled in troubleshooting all above listed Cisco devices. Was responsible for upgrading Cisco Secure ACS and TACACS to TACACS+.
• Tasked with maintaining user VPN accounts and network engineering / admin accounts on TACACS+ so all equipment could be accessed by the use of a single user ID, password and enable / secret passwords.
• Skilled in installing, configuring, maintaining and troubleshooting Juniper devices, such as NetScreen.
• Extensive use of OSPF and EIGRP as primary routing protocols while working for the USDA.
• Worked closely with US State Department and Foreign Agriculture Service upper management to provide reports in reference to overseas network security and any new possible threats / risks.
• Studied extensively diverse topics and technologies regarded by experts as information warfare, which consisted of malicious code, including Java applets, JavaScript, macros and other scripting and markup languages. Also conducted planned DoS attacks, IP and MAC address spoofing, as well as ethical hacking and cracking (a.k.a. pen testing).
• Proved valuable performing risk assessments of new equipment and potentially volatile situations caused by erroneous configurations or breaches of security.
• Worked with NIST, NIACAP, DIACAP and FISMA procedures and protocols.
• Extensive experience configuring PKI and AES encryption in Cisco routers, PIX firewalls and ASA 5500 series Cisco firewalls.

Sr. Network and Security Engineer / Team Leader / Project Manager
IBM Global Services - Ashburn, VA - December 1999 to April 2007
• Responsible for boarding external and internal IBM customers in the Ashburn, Virginia colocation facility.
• Responsible for annual budget, employee reviews and SAS 70 security inspections.
• Worked on a regular basis at a CCNA and CCNP level. At the time I did actually have a CCDA.
• Responsible for the management of 30 employees and contractors, career counseling and annual reviews. Also responsible for hiring and termination of employees as necessary.
• Daily use of Tivoli Management products such as NetView and Storage Manager. I am also familiar with almost all IBM products, to include HMC AIX systems management tools, Tivoli setup, maintenance and upgrades.
• Designed, implemented and managed custom Tivoli NetView, CiscoWorks 2000 and CiscoWorks LSM 2.6 solutions for customers in colocation and fully managed environments.
• Also skilled in the use of MRTG on infrastructure devices for measuring bandwidth.
• Skilled in using the reporting element of MRTG.
• Extremely familiar with NIST, both practical application for networking equipment, desktop configuration, Windows and UNIX servers. Referenced NIST SP 800-50 and SP 800-40 series primarily for safeguarding MS Windows OS, UNIX / Linux OS and network printers.
• Used physical security protocols and procedures, to include social engineering, shoulder surfing, physical lock picking and other measures such as dumpster diving, to test physical security, as well as security software, packet monitoring software and products such as SolarWinds Orion and downloadable tools such as tcpdump, EtherApe and Ethereal, as well as password crackers and keystroke recorders, to test logical / virtual security. Also taught techniques to senior staff members that were actively involved in ongoing security protocols and procedures.
• Think out of the box, much like a professional corporate spy, when it comes to security.
• Worked with TCP/IP every day.
  Due to clients and the way they were managed, I usually dealt with the first three layers of the TCP/IP stack, but have worked extensively with all seven layers at one time or another.
• Installed and configured Cisco 6509 core switches, Cisco 6504 and Cisco 4008 switches, as well as Cisco 1700 series through Cisco 12008 GSR routers.
• Maintained redundant OC-3 connections to the colocation site. Used OSPF, EIGRP, RIP, RIP II and IGRP during router configurations. Also skilled in troubleshooting these protocols using SNMP and its MIB database.
• Installed and configured F5 BIG-IPs. Was also responsible for troubleshooting during weekend and after-hours callouts.
• Skilled in SONET, POS, Frame Relay, T-1, fractional T-1, ISDN PRI and BRI. I also work well with service providers such as Sprint and Verizon to complete circuits and projects.
• Was responsible for installing and configuring Cisco and Juniper VPN solutions, servers and clients.
• Highly skilled in troubleshooting both Microsoft workstations and servers. Former MCSE (Windows NT 4.0), so I'm very skilled in Microsoft operating systems (all of them).
• Work extraordinarily well with teams as a team member or as a team lead. I always know my place and where I stand within a team, and never overstep my bounds without prior permission from either the team lead or management.
• Also skilled with solutions and reporting tools such as Cisco MARS.
• Responsible for troubleshooting customer network equipment such as Nokia IP 330 and 660 firewalls running Check Point firewall, Cisco PIX firewalls, as well as Cisco and Nortel routers and switches. Checked firewall logs daily for any new issues and ran them against Cisco MARS (Mitigation Attack Response Solution).
• Wrote process and procedures for colocation and fully managed network environments.
• Was responsible for leading and decision making during day-to-day operations as well as disaster recovery situations.
• Designed and built the Security and Network Operations Centers at the data centers, as well as wrote all Standard Operating Procedures for both NOC and SOC. Also worked shifts when we were short of employees due to illness and vacations.

US Army Warrant Officer (255N Network Management Technician)
Fort Gordon, GA - May 1990 to January 1996
Network Engineer for the U.S. Army Signal School.

EDUCATION
Master of Science, Computer Science (3.73 GPA)
Virginia Tech, College of Engineering – 1997 - 1999
Blacksburg, VA

CERTIFICATIONS
CCIE Security
CCIE Routing and Switching
CISSP, CEH, PMP, Security+ CE

SKILLS
Network Security (10+ years), Network Management (10+ years), Network Engineering (10+ years), Firewalls (10+ years), Routers (10+ years), Switches (10+ years), Penetration Testing (10+ years), Vulnerability Assessments (10+ years).